WordPress update fails with a “permission denied” error?

I need to determine what user the WordPress update process thinks it is since it is not the user that runs all the other pages and posts as I have all files and folders owner by apache.

The WordPress update process has no idea which user it’s running as, nor does it care. It doesn’t even check the user, and why should it. The owner of the file and the user the PHP process is running as may differ deliberatly. If it’s the wrong user then WP will neither know or be able to do anything about it.

All code ran by PHP-FPM will be running under the same user, regardless of wether it’s WordPress or a quick info.php you put in the web root.

Here’s your problem:

Warning: copy(/var/www/html/wp-admin/includes/update-core.php): failed to open stream: Permission denied in /var/www/html/wp-admin/includes/class-wp-filesystem-direct.php on line 281

Code running from PHP files does not have permission to modify that file. That PHP warning is from PHP itself, it’s not something WordPress has output.

You need to:

  • confirm that the file is writable/deletable from the PHP process user
  • confirm that the folder is writable/deletable from the PHP process user. Just because the file permission is good doesn’t mean the folder is good too
  • that the ownership of that folder is correct, both for the owning user, and the owning group. Just because the file permission and folder permissions are good, doesn’t mean they apply to the PHP process user.

It’s not as simple as setting the right permission number with chmod. Ownership matters hugely.

For example, 664:

enter image description here

664 is useless to you if the owner is root. apache is neither the root user or in the root group ( I’m assuming that’s the case on your specific system ).

As a result, apache would fall into the other bucket, and other groups only have read access.

However, if it was owned by another user that shared the same group as apache, or if it was owned by apache itself, then 664 might work as it’d be owner or group rights that apply.

What about 775?

enter image description here

It’s the same but you’ve made the files executable.

So there is no WordPress specific solution here to your problem, which is that the folders aren’t writable by PHP scripts.

As an aside, you should be making all your WP Core files read only to the PHP user so malware can’t modify them, then using an external tool to update WP, such as WP CLI on a cron job, or version control such as git.

Eitherway your problem and solution involves file/folder ownership and permissions. Perhaps your apache user isn’t in the appropriate group. Maybe it doesn’t own the files? Only you can tell.

Related Posts:

  1. How Do I Configure Automatic Updates in WordPress 3.7?
  2. Will A WordPress automatic update harm my website?
  3. What is a “forced plugin update”, how can I avoid it and use it for my plugins
  4. Automatic updates are not working
  5. Is it possible to prevent website from breaking with auto update?
  6. Enable automatic minor core updates when root of site is a git repository
  7. WordPress Health Tool reporting version control as a critical issue
  8. Unable to get WordPress auto update working on Ubuntu 12.04
  9. WordPress 3.0.1 Auto Update Problem
  10. Disable Plugin Updates but Allow WP Auto Security Updates
  11. Missing Update Link to 3.02/3.03 on Dashboard
  12. Change email for update notification
  13. How does wordpress handle file permissions when automatic updates are enabled?
  14. How to schedule Automatic WordPress Plugin and Core updates for night times
  15. Auto Plugin & Core Updates Not Working For Custom Theme
  16. WordPress updates and Git
  17. How to debug background/auto update?
  18. How can I fix my server so core/plugins/theme update don’t silently fail?
  19. WordPress 3.1 not autoupdating
  20. WordPress core auto update fails for UpdraftPlus WordPress Backup Plugin
  21. Automatic updates only in a predefined maintenance window
  22. Auto updating a single plugin
  23. Could auto-update delete core WordPress files and cause a white screen of death?
  24. Changing random post publish time for repost
  25. WordPress sites got auto upgraded [duplicate]
  26. How to turn off automatic updates of the WordPress core
  27. How to trigger automatic plugin updates in WordPress 5.5
  28. Adding a banner to the install dialogue of a custom plugin
  29. Auto generate custom post title
  30. WordPress 3.3 auto update not working
  31. How to know current auto-update status of the WordPress core?
  32. Auto update error messages
  33. Allow auto-updates on a non-managed WordPress site?
  34. Will WordPress Auto Update work on a site with Basic Authentication enabled?
  35. WordPress site auto updates for no reason
  36. Are automatic background plugin updates for non-WP.org plugins possible?
  37. Auto Update fail time my external folder deleted
  38. Stop WordPress from auto updating
  39. How Do I Configure Automatic Updates in WordPress 3.7?
  40. Enable automatic plugin update for certain plugins [duplicate]
  41. Auto generate meta data value in post
  42. How to upgrade WordPress automatically?
  43. WordPress Automated Posts Creation
  44. Alter how often WordPress Auto-Updates Plugins
  45. How do I exclude plugins from getting automatically updated?
  46. How to implement WordPress plugin update that modifies the database?
  47. How to disable core and plugin updates
  48. Schedule WordPress Auto-Updates to only run during business hours
  49. Real automated and unattended wordpress upgrade including plugins
  50. How To/What triggers a WordPress auto update?
  51. Prevent/Disable Automatic Update Check
  52. Automate WordPress Database Upgrade
  53. How to disable the “Your site has updated to WordPress x.y.z” admin email?
  54. Hook into WordPress update?
  55. Recommended File Permissions
  56. Plugin update error message
  57. Is there any way to test if a function running only on plugin update is successfully running?
  58. Automatic Updates For Private And Commercial Themes?
  59. How and where can we request new WordPress hooks to be added?
  60. Plugins won’t auto-update on IIS
  61. A function to fetch blog content via rss feed
  62. How can I bulk update all posts without making changes?
  63. Website not updating – no cache plugins active!
  64. How to display LinkedIn feed/company updates into WordPress site? [closed]
  65. Auto backup before automatic WordPress updates
  66. Why does WordPress 4.2.2 require FTP to update?
  67. Why won’t WordPress on localhost find updates?
  68. Batch update a post meta field value of each post in Post Type
  69. Same theme name issue with wordpress repository theme
  70. Check for files and database integrity
  71. Restored WordPress on new Server – Can’t auto-update plugins
  72. Can’t update/install plugins or WordPress
  73. Create cron job for update translations automatically
  74. Inherited website changing CSS/JS path
  75. Site Crashes When Updating to WordPress (Version 3.6)
  76. can’t access backend while frontend works perfect
  77. IP addresses to block to stop WP auto-update?
  78. How to back up and up date a site to a newer version?
  79. How (or where) do I get wordpress plugin update download link?
  80. Disable Database Update Required ? break my website
  81. What is the best way to hook a rewrite function for certain php code when plugins are updated?
  82. Automate post update for all posts?
  83. Change modified date to current date when title updated automatically
  84. how to show current date on post title which should be auto update in every day
  85. Update main post with same category when creating custom post to update the modified date
  86. WP-CLI: detect altered core files and restore them automatically
  87. Possible to automatically update plugin without user interaction
  88. Is it possible to issue a theme update that requires a new plugin?
  89. Can’t access dashboard after 4.8.1 automatic upgrade
  90. Automating svn updates from a server-side cron job
  91. Correct procedure for fixing broken WP sites after WP version update
  92. WordPress core update fails – no issues with plugin updates
  93. Update WordPress from non-public machine
  94. WordPress Auto Updates
  95. Custom fields and auto save
  96. How to disable the “Your site has updated to WordPress x.y.z” admin email?
  97. Update a WordPress website FROM Twitter or Facebook
  98. Automatic Theme Upgrade hooks?
  99. WordPress auto update for core but use local package
  100. How to Replicate Elementor Licensing Model